UbuntuUpdates.org

Package "gvfs-libs"

Name: gvfs-libs

Description:

userspace virtual filesystem - private libraries

Latest version: 1.28.2-1ubuntu1~16.04.3
Release: xenial (16.04)
Level: security
Repository: main
Head package: gvfs
Homepage: https://wiki.gnome.org/Projects/gvfs

Links


Download "gvfs-libs"


Other versions of "gvfs-libs" in Xenial

Repository Area Version
base main 1.28.1-1ubuntu1
updates main 1.28.2-1ubuntu1~16.04.3

Changelog

Version: 1.28.2-1ubuntu1~16.04.3 2019-07-09 13:07:20 UTC

  gvfs (1.28.2-1ubuntu1~16.04.3) xenial-security; urgency=medium

  * SECURITY UPDATE: incorrect D-Bus server socket restrictions
    - debian/patches/CVE-2019-12795-1.patch: check that the connecting
      client is the same user in daemon/gvfsdaemon.c.
    - debian/patches/CVE-2019-12795-2.patch: only accept EXTERNAL
      authentication in daemon/gvfsdaemon.c.
    - CVE-2019-12795

 -- Marc Deslauriers <email address hidden> Fri, 05 Jul 2019 09:06:22 -0400

CVE-2019-12795 daemon/gvfsdaemon.c in gvfsd from GNOME gvfs before 1.38.3, 1.40.x before 1.40.2, and 1.41.x before 1.41.3 opened a private D-Bus server socket witho



About   -   Send Feedback to @ubuntu_updates